It's a bit hard to follow since we know nothing about your setup, I see you use a custom /solr9 ZK chroot etc.
Best to get broad support is do do a minimal reproduction setup for us to test out. E.g. starting with, say a fresh solr 9.10.1 untar, give us a list of commands to run that ends up in the error you're seeing. E.g. sounds like you run an embedded zookeeper on one of the nodes (how many nodes do you have?). So a sequence of commands that we could follow along with locally would be: # Start solr in cloud mode on port 8983 with an embedded zookeeper on port 9983, default zkChroot of /solr bin/solr start -c -p 8983 # Open Admin UI, confirm that auth is not enabled open http://localhost:8983 # Prepare a security.json cat << EOF > security.json { foo } EOF # Upload the security.json to solr bin/solr zk cp ./security.json zk:/solr/security.json # Verify that you must log in in Admin UI open http://localhost:8983 # List zookeeper content bin/solr zk ls /solr/ What I think you say is that 'bin/solr auth enable --type basicAuth --credentials solr:solr' does work, but not your self-made security.json? If so, share the json file with us Jan > 12. feb. 2026 kl. 20:39 skrev Dmitri Maziuk <[email protected]>: > > On 2/11/26 22:05, Ciprian Dimofte - Opensolr.com wrote: >> Hey Dima, >> You're not missing anything — there is no REST/HTTP API endpoint for >> uploading security.json to ZooKeeper. It's a known gap in Solr 9's >> "everything is API" story. >> Your options are the two CLI approaches you already found: >> bin/solr zk cp file:security.json zk:/security.json -z localhost:9983 > > So this doesn't actually work on the production cluster with zk "chroot": > ``` > bin/solr zk cp file:security.json zk:/solr9/security.json > ``` > does place security.json into /solr9 node of zk tree, but "security" page in > admin UI still shows "security not enabled for this server". After restarting > the nodes, startup log message is "Not all security plugins configured! > authentication=disabled authorization=disabled." > > All I see in The Fine Manual on the subject is "you should use the > appropriate APIs for the plugins you're using to update it". I doubt anyone > who isn't Solr security API developer will figure this one out. > >> bin/solr auth enable — which bootstraps a default BasicAuth security.json >> for you. > > This is the only way that worked for me. > > Thanks > Dima >
